Class: Nexpose::ScanTemplate

Inherits:
Object
  • Object
show all
Includes:
Sanitize
Defined in:
lib/nexpose/scan_template.rb

Overview

Configuration object for a scan template.

The constructor is designed to take a valid XML representation of a scan template. If you wish to create a new scan template from scratch, use the #load method without a template ID. If you wish to copy and modify an existing template, use the #copy method.

This class is only a partial representation of some of the features available for configuration.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Sanitize

#replace_entities

Constructor Details

#initialize(xml) ⇒ ScanTemplate

Returns a new instance of ScanTemplate.

Parameters:

  • xml (String)

    XML representation of a scan template.



55
56
57
 
# File 'lib/nexpose/scan_template.rb', line 55

def initialize(xml)
  @xml = REXML::Document.new(xml)
end

Instance Attribute Details

#xmlObject (readonly)

Parsed XML of a scan template.



52
53
54
 
# File 'lib/nexpose/scan_template.rb', line 52

def xml
  @xml
end

Class Method Details

.copy(nsc, id) ⇒ ScanTemplate

Copy an existing scan template, changing the id and title.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.

  • id (String)

    Unique identifier of an existing scan template.

Returns:

  • (ScanTemplate)

    A copy of the requested scan template configuration.



523
524
525
526
527
528
 
# File 'lib/nexpose/scan_template.rb', line 523

def self.copy(nsc, id)
  dupe = load(nsc, id)
  dupe.id   = '#NewScanTemplate#'
  dupe.name = "#{dupe.name} Copy"
  dupe
end

.load(nsc, id = nil) ⇒ ScanTemplate

Load a scan template.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.

  • id (String) (defaults to: nil)

    Unique identifier of an existing scan template. If no ID is provided, a blank, base template will be returned.

Returns:

  • (ScanTemplate)

    The requested scan template configuration.



507
508
509
510
511
512
513
514
515
 
# File 'lib/nexpose/scan_template.rb', line 507

def self.load(nsc, id = nil)
  if id
    response = JSON.parse(AJAX.get(nsc, "/data/scan/templates/#{URI.encode(id)}"))
    xml = response['value']
  else
    xml = AJAX.get(nsc, '/data/scan-template')
  end
  new(xml)
end

Instance Method Details

#_disable_check(check, elem) ⇒ Object 



421
422
423
424
425
426
 
# File 'lib/nexpose/scan_template.rb', line 421

def _disable_check(check, elem)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Enabled/#{elem}[@name='#{check}']")
  disabled_checks = checks.elements['Disabled'] || checks.add_element('Disabled')
  disabled_checks.add_element(elem, { 'name' => check })
end

#_enable_check(check, elem) ⇒ Object 



414
415
416
417
418
419
 
# File 'lib/nexpose/scan_template.rb', line 414

def _enable_check(check, elem)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Disabled/#{elem}[@name='#{check}']")
  enabled_checks = checks.elements['Enabled'] || checks.add_element('Enabled')
  enabled_checks.add_element(elem, { 'name' => check })
end

#_remove_check(check, elem) ⇒ Object 



428
429
430
431
432
 
# File 'lib/nexpose/scan_template.rb', line 428

def _remove_check(check, elem)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Disabled/#{elem}[@name='#{check}']")
  checks.elements.delete("Enabled/#{elem}[@name='#{check}']")
end

#aces_enabled?Boolean

Returns whether asset configuration scanning is enabled for this template.

Returns:

  • (Boolean)

    whether asset configuration scanning is enabled for this template.



572
573
574
 
# File 'lib/nexpose/scan_template.rb', line 572

def aces_enabled?
  aces_level == 'full'
end

#aces_levelString

Returns the asset configuration logging value for this template.

Returns:

  • (String)

    the asset configuration logging value for this template.



562
563
564
565
566
567
568
 
# File 'lib/nexpose/scan_template.rb', line 562

def aces_level
  logging = REXML::XPath.first(@xml, 'ScanTemplate/Logging')
  return 'default' if logging.nil?
  aces = REXML::XPath.first(logging, 'aces')
  return 'default' if aces.nil?
  aces.attributes['level']
end

#aces_level=(level) ⇒ Object

Enable or disable asset configuration scanning for this template. If the level is not “full”, “default” or “none”, this is a no-op.

Parameters:

  • "full" (String)

    to enable asset configuration logging, and “default” or “none” to disable it.



544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
 
# File 'lib/nexpose/scan_template.rb', line 544

def aces_level=(level)
  return if level.nil?
  return unless ['full', 'default', 'none'].include? level.downcase
  logging = REXML::XPath.first(@xml, 'ScanTemplate/Logging')
  if logging.nil?
    logging = REXML::Element.new('Logging')
    @xml.add_element(logging)
  end
  aces = REXML::XPath.first(logging, 'aces')
  if aces.nil?
    aces = REXML::Element.new('aces')
    logging.add_element(aces)
  end
  aces.attributes['level'] = level
end

#control_scanning=(enable) ⇒ Object

Adjust whether to perform control scanning (ControlsInsight integration) with this template.

Parameters:

  • enable (Boolean)

    Whether to turn on control scanning.



121
122
123
124
 
# File 'lib/nexpose/scan_template.rb', line 121

def control_scanning=(enable)
  local_controls_scan = REXML::XPath.first(@xml, 'ScanTemplate/ControlsScan/localControlsScanEnabled')
  local_controls_scan.attributes['enabled'] = enable ? '1' : '0'
end

#control_scanning?Boolean

Returns Whether control scanning in enabled.

Returns:

  • (Boolean)

    Whether control scanning in enabled.



111
112
113
114
115
116
 
# File 'lib/nexpose/scan_template.rb', line 111

def control_scanning?
  global_controls_scan = REXML::XPath.first(@xml, 'ScanTemplate/ControlsScan/globalControlsScanEnabled')
  local_controls_scan  = REXML::XPath.first(@xml, 'ScanTemplate/ControlsScan/localControlsScanEnabled')

  global_controls_scan.attributes['enabled'] == '1' || local_controls_scan.attributes['enabled'] == '1'
end

#correlate=(enable) ⇒ Object

Adjust whether to correlate reliable checks with regular checks.

Parameters:

  • enable (Boolean)

    Whether to turn on vulnerability correlation.



295
296
297
298
 
# File 'lib/nexpose/scan_template.rb', line 295

def correlate=(enable)
  vuln_checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  vuln_checks.attributes['correlate'] = enable ? '1' : '0'
end

#correlate?Boolean

Returns Whether to correlate reliable checks with regular checks.

Returns:

  • (Boolean)

    Whether to correlate reliable checks with regular checks.



288
289
290
291
 
# File 'lib/nexpose/scan_template.rb', line 288

def correlate?
  vuln_checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  vuln_checks.attributes['correlate'] == '1'
end

#delete(nsc) ⇒ Object

Delete this scan template from the console. Cannot be used to delete a built-in template.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.



535
536
537
 
# File 'lib/nexpose/scan_template.rb', line 535

def delete(nsc)
  nsc.delete_scan_template(id)
end

#descriptionString

Returns Description of this scan template.

Returns:

  • (String)

    Description of this scan template.



91
92
93
94
 
# File 'lib/nexpose/scan_template.rb', line 91

def description
  desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription')
  desc.nil? ? nil : desc.text.to_s
end

#description=(description) ⇒ Object

Assign a description to this scan template. Require attribute.

Parameters:

  • description (String)

    Description of the scan template.



98
99
100
101
102
103
104
105
106
107
108
 
# File 'lib/nexpose/scan_template.rb', line 98

def description=(description)
  desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription')
  if desc
    desc.text = replace_entities(description)
  else
    root = REXML::XPath.first(xml, 'ScanTemplate')
    desc = REXML::Element.new('templateDescription')
    desc.add_text(description)
    root.add_element(desc)
  end
end

#disable_checks_by_category(category) ⇒ Object

Disable checks by category for this template.

Parameters:

  • category (String)

    Category to disable. @see #list_vuln_categories



358
359
360
 
# File 'lib/nexpose/scan_template.rb', line 358

def disable_checks_by_category(category)
  _disable_check(category, 'VulnCategory')
end

#disable_checks_by_type(type) ⇒ Object

Disable checks by type for this template.

Parameters:

  • type (String)

    Type to disable. @see #list_vuln_types



401
402
403
 
# File 'lib/nexpose/scan_template.rb', line 401

def disable_checks_by_type(type)
  _disable_check(type, 'CheckType')
end

#disable_vuln_check(check_id) ⇒ Object

Disable individual check for this template.

Parameters:

  • check_id (String)

    Unique identifier of vuln check.



467
468
469
470
471
472
 
# File 'lib/nexpose/scan_template.rb', line 467

def disable_vuln_check(check_id)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Enabled/Check[@id='#{check_id}']")
  disabled_checks = checks.elements['Disabled'] || checks.add_element('Disabled')
  disabled_checks.add_element('Check', { 'id' => check_id })
end

#disabled_checks_by_categoryArray[String]

Get a list of the check categories disabled for this scan template.

Returns:

  • (Array[String])

    List of enabled categories.



332
333
334
335
 
# File 'lib/nexpose/scan_template.rb', line 332

def disabled_checks_by_category
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled')
  checks ? checks.elements.to_a('VulnCategory').map { |c| c.attributes['name'] } : []
end

#disabled_checks_by_typeArray[String]

Get a list of the check types disabled for this scan template.

Returns:

  • (Array[String])

    List of enabled check types.



375
376
377
378
 
# File 'lib/nexpose/scan_template.rb', line 375

def disabled_checks_by_type
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled')
  checks ? checks.elements.to_a('CheckType').map { |c| c.attributes['name'] } : []
end

#disabled_vuln_checksArray[String]

Get a list of the individual vuln checks disabled for this scan template.

Returns:

  • (Array[String])

    List of enabled vulnerability checks.



447
448
449
450
 
# File 'lib/nexpose/scan_template.rb', line 447

def disabled_vuln_checks
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled')
  checks ? checks.elements.to_a('Check').map { |c| c.attributes['id'] } : []
end

#enable_checks_by_category(category) ⇒ Object

Enable checks by category for this template.

Parameters:

  • category (String)

    Category to enable. @see #list_vuln_categories



350
351
352
 
# File 'lib/nexpose/scan_template.rb', line 350

def enable_checks_by_category(category)
  _enable_check(category, 'VulnCategory')
end

#enable_checks_by_type(type) ⇒ Object

Enable checks by type for this template.

Parameters:

  • type (String)

    Type to enable. @see #list_vuln_types



393
394
395
 
# File 'lib/nexpose/scan_template.rb', line 393

def enable_checks_by_type(type)
  _enable_check(type, 'CheckType')
end

#enable_debug_logging=(enable) ⇒ Object

Enable or disable the debug logging.

Parameters:

  • enable (Boolean)

    Enable or disable the debug logging.



578
579
580
581
582
583
584
585
586
587
588
589
590
591
 
# File 'lib/nexpose/scan_template.rb', line 578

def enable_debug_logging=(enable)
  return if enable.nil?
  logging = REXML::XPath.first(@xml, 'ScanTemplate/Logging')
  if logging.nil?
    logging = REXML::Element.new('Logging')
    @xml.add_element(logging)
  end
  debug_logging = REXML::XPath.first(logging, 'debugLogging')
  if debug_logging.nil?
    debug_logging = REXML::Element.new('debugLogging')
    logging.add_element(debug_logging)
  end
  debug_logging.attributes['enabled'] = (enable ? 1 : 0)
end

#enable_enhanced_logging=(enable) ⇒ Object

Enable or disable the enhanced logging.

Parameters:

  • enable (Boolean)

    Enable or disable the enhanced logging.



595
596
597
598
 
# File 'lib/nexpose/scan_template.rb', line 595

def enable_enhanced_logging=(enable)
  self.enable_debug_logging = enable
  self.aces_level = (enable ? 'full' : 'none')
end

#enable_icmp_device_discovery=(enable) ⇒ Object

Enable/disable ICMP device discovery

Parameters:

  • enable (Boolean)

    Enable or disable ICMP device discovery



209
210
211
212
 
# File 'lib/nexpose/scan_template.rb', line 209

def enable_icmp_device_discovery=(enable)
  icmp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/icmpHostCheck')
  icmp.attributes['enabled'] = (enable ? 1 : 0)
end

#enable_ip_stack_fingerprinting=(enable) ⇒ Object

Enable/disable IP stack fingerprinting

Parameters:

  • enable (Boolean)

    Enable or disable IP stack fingerprinting



194
195
196
197
198
199
200
201
202
203
204
205
 
# File 'lib/nexpose/scan_template.rb', line 194

def enable_ip_stack_fingerprinting=(enable)
  ns = REXML::XPath.first(@xml, 'ScanTemplate/Plugins/Plugin[@name="java/NetworkScanners"]')
  param = REXML::XPath.first(ns, './param[@name="ipFingerprintEnabled"]')
  if param
    param.text = (enable ? 1 : 0)
  else
    param = REXML::Element.new('param')
    param.add_attribute('name', 'ipFingerprintEnabled')
    param.text = (enable ? 1 : 0)
    ns.add_element(param)
  end
end

#enable_tcp_device_discovery=(enable) ⇒ Object

Enable/disable TCP device discovery

Parameters:

  • enable (Boolean)

    Enable or disable TCP device discovery



216
217
218
219
 
# File 'lib/nexpose/scan_template.rb', line 216

def enable_tcp_device_discovery=(enable)
  tcp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/TCPHostCheck')
  tcp.attributes['enabled'] = (enable ? 1 : 0)
end

#enable_tcp_service_discovery=(enable) ⇒ Object

Enable or disable TCP port scanning.

Parameters:

  • enable (Boolean)

    Enable or disable TCP ports



244
245
246
247
 
# File 'lib/nexpose/scan_template.rb', line 244

def enable_tcp_service_discovery=(enable)
  service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/TCPPortScan')
  service_ports.attributes['mode'] = 'none' unless enable
end

#enable_udp_device_discovery=(enable) ⇒ Object

Enable/disable UDP device discovery

Parameters:

  • enable (Boolean)

    Enable or disable UDP device discovery



230
231
232
233
 
# File 'lib/nexpose/scan_template.rb', line 230

def enable_udp_device_discovery=(enable)
  udp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/UDPHostCheck')
  udp.attributes['enabled'] = (enable ? 1 : 0)
end

#enable_udp_service_discovery=(enable) ⇒ Object

Enable or disable UDP service discovery

Parameters:

  • enable (Boolean)

    Enable or disable UDP service discovery



282
283
284
285
 
# File 'lib/nexpose/scan_template.rb', line 282

def enable_udp_service_discovery=(enable)
  service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/UDPPortScan')
  service_ports.attributes['mode'] = 'none' unless enable
end

#enable_vuln_check(check_id) ⇒ Object

Enable individual check for this template.

Parameters:

  • check_id (String)

    Unique identifier of vuln check.



456
457
458
459
460
461
 
# File 'lib/nexpose/scan_template.rb', line 456

def enable_vuln_check(check_id)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Disabled/Check[@id='#{check_id}']")
  enabled_checks = checks.elements['Enabled'] || checks.add_element('Enabled')
  enabled_checks.add_element('Check', { 'id' => check_id })
end

#enabled_checks_by_categoryArray[String]

Get a list of the check categories enabled for this scan template.

Returns:

  • (Array[String])

    List of enabled categories.



341
342
343
344
 
# File 'lib/nexpose/scan_template.rb', line 341

def enabled_checks_by_category
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
  checks ? checks.elements.to_a('VulnCategory').map { |c| c.attributes['name'] } : []
end

#enabled_checks_by_typeArray[String]

Get a list of the check types enabled for this scan template.

Returns:

  • (Array[String])

    List of enabled check types.



384
385
386
387
 
# File 'lib/nexpose/scan_template.rb', line 384

def enabled_checks_by_type
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
  checks ? checks.elements.to_a('CheckType').map { |c| c.attributes['name'] } : []
end

#enabled_vuln_checksArray[String]

Get a list of the individual vuln checks enabled for this scan template.

Returns:

  • (Array[String])

    List of enabled vulnerability checks.



438
439
440
441
 
# File 'lib/nexpose/scan_template.rb', line 438

def enabled_vuln_checks
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
  checks ? checks.elements.to_a('Check').map { |c| c.attributes['id'] } : []
end

#exclude_tcp_service_discovery_ports=(ports) ⇒ Object

Exclude TCP ports during TCP service discovery

Parameters:

  • ports (Array)

    TCP ports to exclude from TCP service discovery



260
261
262
263
 
# File 'lib/nexpose/scan_template.rb', line 260

def exclude_tcp_service_discovery_ports=(ports)
  service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/ExcludedTCPPortScan')
  REXML::XPath.first(service_ports, './portList').text = ports.join(',')
end

#exclude_udp_service_discovery_ports=(ports) ⇒ Object

Exclude UDP ports when performing UDP service discovery

Parameters:

  • ports (Array)

    UDP ports to exclude from UDP service discovery



275
276
277
278
 
# File 'lib/nexpose/scan_template.rb', line 275

def exclude_udp_service_discovery_ports=(ports)
  service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/ExcludedUDPPortScan')
  REXML::XPath.first(service_ports, './portList').text = ports.join(',')
end

#host_threads=(threads) ⇒ Object

Adjust the number of threads to use per asset for this template

Parameters:

  • threads (Integer)

    the number of threads to use per asset



187
188
189
190
 
# File 'lib/nexpose/scan_template.rb', line 187

def host_threads=(threads)
  host_threads = REXML::XPath.first(@xml, 'ScanTemplate/General/hostThreads')
  host_threads.text = threads.to_s
end

#idString

Returns Unique identifier of the scan template.

Returns:

  • (String)

    Unique identifier of the scan template.



60
61
62
63
 
# File 'lib/nexpose/scan_template.rb', line 60

def id
  root = REXML::XPath.first(@xml, 'ScanTemplate')
  root.attributes['id']
end

#id=(value) ⇒ Object 



65
66
67
68
 
# File 'lib/nexpose/scan_template.rb', line 65

def id=(value)
  root = REXML::XPath.first(@xml, 'ScanTemplate')
  root.attributes['id'] = value
end

#invulnerable_storage=(enable) ⇒ Object

Adjust whether to Store Invulnerable results with this template.

Parameters:

  • enable (Boolean)

    Whether to Store Invulnerable results.



173
174
175
176
 
# File 'lib/nexpose/scan_template.rb', line 173

def invulnerable_storage=(enable)
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['invulnerableStorage'] = enable ? 'on' : 'off'
end

#invulnerable_storage?Boolean

Returns Whether Invulnerable Results is enabled.

Returns:

  • (Boolean)

    Whether Invulnerable Results is enabled.



166
167
168
169
 
# File 'lib/nexpose/scan_template.rb', line 166

def invulnerable_storage?
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['invulnerableStorage'] == 'on'
end

#nameString

Returns Name or title of this scan template.

Returns:

  • (String)

    Name or title of this scan template.



71
72
73
74
 
# File 'lib/nexpose/scan_template.rb', line 71

def name
  desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription')
  desc.nil? ? nil : desc.attributes['title']
end

#name=(name) ⇒ Object

Assign name to this scan template. Required attribute.

Parameters:

  • name (String)

    Title to assign.



78
79
80
81
82
83
84
85
86
87
88
 
# File 'lib/nexpose/scan_template.rb', line 78

def name=(name)
  desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription')
  if desc
    desc.attributes['title'] = replace_entities(name)
  else
    root = REXML::XPath.first(xml, 'ScanTemplate')
    desc = REXML::Element.new('templateDescription')
    desc.add_attribute('title', name)
    root.add_element(desc)
  end
end

#policy_scanning=(enable) ⇒ Object

Adjust whether to perform policy scanning with this template.

Parameters:

  • enable (Boolean)

    Whether to turn on policy scanning.



147
148
149
150
 
# File 'lib/nexpose/scan_template.rb', line 147

def policy_scanning=(enable)
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disablePolicyScan'] = enable ? '0' : '1'
end

#policy_scanning?Boolean

Returns Whether policy scanning in enabled.

Returns:

  • (Boolean)

    Whether policy scanning in enabled.



140
141
142
143
 
# File 'lib/nexpose/scan_template.rb', line 140

def policy_scanning?
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disablePolicyScan'] == '0'
end

#potential_checks=(enable) ⇒ Object

Adjust whether to perform potential vulnerability checks with this template.

Parameters:

  • enable (Boolean)

    Whether to turn on potential checks.



323
324
325
326
 
# File 'lib/nexpose/scan_template.rb', line 323

def potential_checks=(enable)
  checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  checks.attributes['potential'] = enable ? '1' : '0'
end

#potential_checks?Boolean

Returns Whether potential vulnerability checks are performed with this template.

Returns:

  • (Boolean)

    Whether potential vulnerability checks are performed with this template.



316
317
318
319
 
# File 'lib/nexpose/scan_template.rb', line 316

def potential_checks?
  checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  checks.attributes['potential'] == '1'
end

#remove_checks_by_category(category) ⇒ Object

Remove checks by category for this template. Removes both enabled and disabled checks.

Parameters:

  • category (String)

    Category to remove. @see #list_vuln_categories



367
368
369
 
# File 'lib/nexpose/scan_template.rb', line 367

def remove_checks_by_category(category)
  _remove_check(category, 'VulnCategory')
end

#remove_checks_by_type(type) ⇒ Object

Remove checks by type for this template. Removes both enabled and disabled checks.

Parameters:

  • type (String)

    Type to remove. @see #list_vuln_types



410
411
412
 
# File 'lib/nexpose/scan_template.rb', line 410

def remove_checks_by_type(type)
  _remove_check(type, 'CheckType')
end

#remove_vuln_check(check_id) ⇒ Object

Remove individual check for this template. Removes both enabled and disabled checks.

Parameters:

  • check_id (String)

    Unique identifier of vuln check.



479
480
481
482
483
 
# File 'lib/nexpose/scan_template.rb', line 479

def remove_vuln_check(check_id)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Disabled/Check[@id='#{check_id}']")
  checks.elements.delete("Enabled/Check[@id='#{check_id}']")
end

#save(nsc) ⇒ Object

Save this scan template configuration to a Nexpose console.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.



489
490
491
492
493
494
495
496
497
498
 
# File 'lib/nexpose/scan_template.rb', line 489

def save(nsc)
  root = REXML::XPath.first(@xml, 'ScanTemplate')
  if root.attributes['id'] == '#NewScanTemplate#'
    response = JSON.parse(AJAX.post(nsc, '/data/scan/templates', xml))
    root.attributes['id'] = response['value']
  else
    response = JSON.parse(AJAX.put(nsc, "/data/scan/templates/#{URI.encode(id)}", xml))
  end
  response['value']
end

#scan_threads=(threads) ⇒ Object

Adjust the number of threads to use per scan engine for this template

Parameters:

  • threads (Integer)

    the number of threads to use per engine



180
181
182
183
 
# File 'lib/nexpose/scan_template.rb', line 180

def scan_threads=(threads)
  scan_threads = REXML::XPath.first(@xml, 'ScanTemplate/General/scanThreads')
  scan_threads.text = threads.to_s
end

#tcp_device_discovery_ports=(ports) ⇒ Object

Set custom TCP ports to scan for device discovery

Parameters:

  • ports (Array)

    Ports to scan for device discovery



223
224
225
226
 
# File 'lib/nexpose/scan_template.rb', line 223

def tcp_device_discovery_ports=(ports)
  tcp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/TCPHostCheck')
  REXML::XPath.first(tcp, './portList').text = ports.join(',')
end

#tcp_service_discovery_ports=(ports) ⇒ Object

Set custom TCP ports to scan for TCP service discovery

Parameters:

  • ports (Array)

    Ports to scan for TCP service discovery



251
252
253
254
255
256
 
# File 'lib/nexpose/scan_template.rb', line 251

def tcp_service_discovery_ports=(ports)
  service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/TCPPortScan')
  service_ports.attributes['mode'] = 'custom'
  service_ports.attributes['method'] = 'syn'
  REXML::XPath.first(service_ports, './portList').text = ports.join(',')
end

#udp_device_discovery_ports=(ports) ⇒ Object

Set custom UDP ports to scan for UDP device discovery

Parameters:

  • ports (Array)

    Ports to scan for UDP device discovery



237
238
239
240
 
# File 'lib/nexpose/scan_template.rb', line 237

def udp_device_discovery_ports=(ports)
  udp = REXML::XPath.first(@xml, 'ScanTemplate/DeviceDiscovery/CheckHosts/UDPHostCheck')
  REXML::XPath.first(udp, './portList').text = ports.join(',')
end

#udp_service_discovery_ports=(ports) ⇒ Object

Set custom UDP ports to scan for UDP service discovery

Parameters:

  • ports (Array)

    Ports to scan during UDP service discovery



267
268
269
270
271
 
# File 'lib/nexpose/scan_template.rb', line 267

def udp_service_discovery_ports=(ports)
  service_ports = REXML::XPath.first(@xml, 'ScanTemplate/ServiceDiscovery/UDPPortScan')
  service_ports.attributes['mode'] = 'custom'
  REXML::XPath.first(service_ports, './portList').text = ports.join(',')
end

#unsafe_checks=(enable) ⇒ Object

Adjust whether to perform unsafe vulnerability checks with this template.

Parameters:

  • enable (Boolean)

    Whether to turn on unsafe checks.



309
310
311
312
 
# File 'lib/nexpose/scan_template.rb', line 309

def unsafe_checks=(enable)
  checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  checks.attributes['unsafe'] = enable ? '1' : '0'
end

#unsafe_checks?Boolean

Returns Whether unsafe vulnerability checks are performed by this template.

Returns:

  • (Boolean)

    Whether unsafe vulnerability checks are performed by this template.



302
303
304
305
 
# File 'lib/nexpose/scan_template.rb', line 302

def unsafe_checks?
  checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  checks.attributes['unsafe'] == '1'
end

#vuln_scanning=(enable) ⇒ Object

Adjust whether to perform vuln scanning with this template.

Parameters:

  • enable (Boolean)

    Whether to turn on vuln scanning.



134
135
136
137
 
# File 'lib/nexpose/scan_template.rb', line 134

def vuln_scanning=(enable)
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disableVulnScan'] = enable ? '0' : '1'
end

#vuln_scanning?Boolean

Returns Whether vuln scanning in enabled.

Returns:

  • (Boolean)

    Whether vuln scanning in enabled.



127
128
129
130
 
# File 'lib/nexpose/scan_template.rb', line 127

def vuln_scanning?
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disableVulnScan'] == '0'
end

#web_spidering=(enable) ⇒ Object

Adjust whether to perform web spidering with this template.

Parameters:

  • enable (Boolean)

    Whether to turn on web spider scanning.



160
161
162
163
 
# File 'lib/nexpose/scan_template.rb', line 160

def web_spidering=(enable)
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disableWebSpider'] = enable ? '0' : '1'
end

#web_spidering?Boolean

Returns Whether web spidering in enabled.

Returns:

  • (Boolean)

    Whether web spidering in enabled.



153
154
155
156
 
# File 'lib/nexpose/scan_template.rb', line 153

def web_spidering?
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disableWebSpider'] == '0'
end

#windows_service_editor=(enable) ⇒ Object

Enable or disable windows service editor.

Parameters:

  • enable (Boolean)

    Enable or disable windows service editor.



602
603
604
605
606
607
608
609
610
611
612
613
614
 
# File 'lib/nexpose/scan_template.rb', line 602

def windows_service_editor=(enable)
  cifs_scanner = REXML::XPath.first(@xml, 'ScanTemplate/Plugins/Plugin[@name="java/CifsScanner"]')
  param = REXML::XPath.first(cifs_scanner, './param[@name="windowsServiceEditor"]')
  if param
    param.text = (enable ? '1' : '0')
  else
    param = REXML::Element.new('param')
    param.attributes['name'] = 'windowsServiceEditor'
    param.text = (enable ? '1' : '0')
    cifs_scanner.add_element(param)
  end
  param.text
end